Specifically, this week's video considers IOCs, which is short for Indications of Compromise. We look at this from the perspective of Cisco AMP for Endpoints.
Enjoy the training!
Charles has been wrapping up production on the SCOR (350-701) Video Training Series this week, so we thought it’d be fitting to go over one of the topics on the blueprint with you!
In this video, Charles takes a look at the advantages and features of Cisco Stealthwatch. Enjoy the training, and stay tuned for an upcoming product launch in the near future!
As a redundancy measure, it’s possible to deploy multiple Cisco ASAs together in a failover configuration, also known as a High Availability Implementation. This requires that the ASAs have identical software, licensing, memory, and interfaces. There are three possible high availability options to protect against downtime, which we'll explore here.
Active/Standby Failover Implementation: In this model, only one of the firewalls is responsible for processing traffic, while the other is designated as a hot standby. The standby device has the ability to take over traffic processing duties in the event that the active device fails.
Active/Active Failover Implementation: In this model, both firewalls actively process traffic as a cluster. The network is able to tolerate the failure of one of the devices, since they are performing identical duties.
This implementation is a bit more complex and requires multiple context mode. With multiple context mode, it’s possible to...
Cisco Zone-Based Policy Firewalls are a more modern implementation of interface-based stateful inspection. They let you group interfaces that have similar functions or features into zones, which allows for stateful packet inspection, application control, and a much more granular firewall policy.
In this video, I'll discuss common ZPF concepts and walk through a basic CLI implementation.
All the best,
A Virtual Local Area Network (VLAN) is a logical grouping of devices on one or more LANs, configured to communicate as if they were on the same segment. In order to communicate with devices in another VLAN, a Layer 3 device must be present for routing.
One way to simplify a multi-VLAN deployment is by use of the Private VLAN (PVLAN) feature. PVLANs achieve isolation at Layer 2 between ports in the same VLAN. This is done by designating the ports as one of three types: promiscuous, isolated, or community. Each designation has its own unique set of rules which regulate the ability to communicate with other devices in the same VLAN.
Promiscuous Ports: These ports have the ability to communicate with all other ports within the PVLAN. The default gateway for the network segment would likely be a promiscuous port, since all devices need to be able to communicate with the gateway.
Isolated Ports: These ports have Layer 2 separation from all other ports...
Our organizational IT environments are constantly changing, driven by factors such as telecommuting, cloud technologies, and BYOD (Bring Your Own Device) policies. This requires modular and dynamic architectures that allow flexibility while still maintaining a rigid security posture. One of the most foundational ways to accomplish this is through the use of network security zones, which we'll take a look at in this blog post. We'll cover common security zone types, and also zone filtering policy considerations for each.
A security zone is a portion of a network that has specific security requirements set. Each zone consists of a single interface or a group of interfaces, to which a security policy is applied. These zones are typically separated using a Layer 3 device such as a firewall.
In a very broad sense, a firewall is used to monitor traffic destined to and originating from a network. Traffic is either allowed or denied based on a...
One question that I get asked all the time goes something like this: “How can I break into the cybersecurity field without any experience?” We hear the stats all the time about zero-percent cybersecurity unemployment and over a million job openings, but is it actually possible to get into this sector with little or no real-world exposure?
Just as with many other careers, I think cybersecurity (and IT in general, I would argue) suffers from unrealistic expectations, particularly at the entry level. I’ve had discussions with so many students who are shocked that employers aren’t beating their door down, after they’ve obtained legitimately difficult and prestigious certifications. The truth is that competition is fierce. Degrees and certifications guarantee nothing, in reality. That’s why it’s so important to be well-prepared in every possible way.
So, the short answer is yes, it is possible to get into the cybersecurity field with...